Abstract
The work presented in this paper is the result of a collaboration between academics, industry and lawyers to show the applicability of the privacy by design approach to biometric systems and the benefit of formal methods to this end. The choice of particular techniques and the role of the components (central server, secure module, terminal, smart card, etc.) in the architecture have a strong impact on the privacy guarantees provided by a biometric system. However, existing proposals were made on a case-by-case basis, which makes it difficult to compare them and to provide a rationale for the choice of specific options. In this paper, we show that a general framework for the definition of privacy architectures can be used to specify these options and to reason about them in a formal way.
© 2015 Springer International Publishing Switzerland
Cite this paper
Bringer, J., Chabanne, H., Le Métayer, D., Lescuyer, R. (2015). Privacy by Design in Practice: Reasoning about Privacy Properties of Biometric System Architectures. In: Bjørner, N., de Boer, F. (eds.) FM 2015: Formal Methods. Lecture Notes in Computer Science, vol. 9109. Springer, Cham. https://doi.org/10.1007/978-3-319-19249-9_7
DOI: https://doi.org/10.1007/978-3-319-19249-9_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19248-2
Online ISBN: 978-3-319-19249-9